Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/QicTwP2xqukbpgQUDdEHHtKE904.roa
File: QicTwP2xqukbpgQUDdEHHtKE904.roa (raw, json)
Hash identifier: iG3NkBkRkQQTIpWawnMm1ZGbZqd1jfFVHlMcBNvhpuY=
Subject key identifier: 42:27:13:C0:FD:B1:AA:E9:1B:A6:04:14:0D:D1:07:1E:D2:84:F7:4E
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 0191744C4CC3AFA25DBFED3EF915ED67956A
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/QicTwP2xqukbpgQUDdEHHtKE904.roa
Signing time: Wed 21 Aug 2024 09:37:22 +0000
ROA not before: Wed 21 Aug 2024 09:37:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212384
IP address blocks: 193.84.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Sep 2024 10:36:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:74:4c:4c:c3:af:a2:5d:bf:ed:3e:f9:15:ed:67:95:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Aug 21 09:37:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=422713c0fdb1aae91ba604140dd1071ed284f74e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0a:f4:d4:28:76:10:a5:42:2a:67:3c:9e:bd:
ec:c6:d3:9a:ba:95:f5:79:77:7c:2c:22:5a:0a:30:
de:97:07:89:dc:ff:73:d7:d2:3a:bc:55:d9:37:7c:
64:34:a7:50:3c:fc:99:ef:03:6a:bf:96:b8:2f:29:
61:2a:14:3f:4b:be:aa:8a:3e:19:10:04:cd:5c:43:
f2:8d:53:06:77:6f:84:88:ee:d5:46:f5:2a:40:54:
bb:2c:e6:2c:92:6f:57:4b:d7:c7:a4:ad:2f:ff:b6:
8f:b9:8b:21:0a:be:34:d3:25:30:f1:a0:36:5b:f2:
d5:6a:98:f1:2a:7f:f3:2e:f8:f5:dd:8a:b2:b7:53:
7b:77:8a:01:8f:5c:9d:9d:78:c7:58:f9:44:c2:42:
e9:c0:69:33:9d:3d:41:e0:a1:bf:ed:ee:14:a5:32:
e2:5f:52:0d:d6:ee:f6:ac:fa:e3:9a:11:d9:fb:d3:
a5:fc:d5:c3:83:b6:c9:b8:49:26:26:f0:77:39:50:
da:85:e3:d0:ff:0d:dc:0f:39:a6:7d:13:75:62:df:
3c:73:2d:b7:54:33:7d:ab:e5:b4:54:c0:8c:53:40:
08:3c:9e:4f:dc:0b:5f:e3:2e:72:01:13:0a:ac:87:
41:91:ab:c1:28:72:d7:e7:ec:76:31:8f:ea:0b:2f:
ce:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:27:13:C0:FD:B1:AA:E9:1B:A6:04:14:0D:D1:07:1E:D2:84:F7:4E
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/QicTwP2xqukbpgQUDdEHHtKE904.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.109.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:34:67:cc:6d:73:00:33:43:8b:fe:04:d0:0d:b0:a8:37:b0:
be:da:fa:92:4a:8a:b5:51:21:de:e0:66:11:07:23:09:57:22:
7a:11:71:76:2d:39:26:6f:0f:11:11:56:1a:f0:f1:7f:cb:2b:
17:21:3c:dd:9a:3d:5c:a9:74:92:21:48:3d:68:2c:05:7b:ea:
49:cb:ec:ba:49:32:04:0b:73:53:b8:28:e1:1b:44:5b:68:d3:
9f:e6:86:7f:34:51:89:32:75:92:51:e3:18:95:fd:54:33:8e:
39:77:28:bc:ec:91:8a:e8:f5:de:75:95:4a:67:a0:83:17:c4:
94:35:d4:ce:37:83:06:21:90:3d:3f:56:8e:fc:57:5b:cd:1d:
1c:9b:d2:d9:c7:d9:06:8f:14:39:b5:00:87:b3:f8:a2:fe:fc:
3e:65:a7:ee:74:59:21:30:26:7c:84:46:4f:07:1b:4d:6d:ae:
26:02:6f:18:98:12:8e:58:fa:81:e1:75:44:7b:0b:5f:3d:f1:
d5:24:02:6f:a2:70:15:09:23:fb:c9:40:3f:3a:9a:4e:50:b8:
10:7f:f1:6e:05:eb:10:70:52:37:de:25:2d:23:bc:49:f0:8d:
28:58:72:bc:59:e8:ad:49:2e:68:1e:ef:de:ca:a8:8a:3d:02:
24:23:63:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZF0TEzDr6Jdv+0++RXtZ5VqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjQwODIxMDkzNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjI3MTNjMGZkYjFhYWU5MWJhNjA0MTQwZGQxMDcxZWQyODRmNzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQr01Ch2EKVCKmc8nr3sxtOaupX1
eXd8LCJaCjDelweJ3P9z19I6vFXZN3xkNKdQPPyZ7wNqv5a4LylhKhQ/S76qij4Z
EATNXEPyjVMGd2+EiO7VRvUqQFS7LOYskm9XS9fHpK0v/7aPuYshCr400yUw8aA2
W/LVapjxKn/zLvj13Yqyt1N7d4oBj1ydnXjHWPlEwkLpwGkznT1B4KG/7e4UpTLi
X1IN1u72rPrjmhHZ+9Ol/NXDg7bJuEkmJvB3OVDahePQ/w3cDzmmfRN1Yt88cy23
VDN9q+W0VMCMU0AIPJ5P3Atf4y5yARMKrIdBkavBKHLX5+x2MY/qCy/OZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEInE8D9sarpG6YEFA3RBx7ShPdOMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvUWljVHdQMnhxdWticGdRVURkRUhIdEtFOTA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwVRtMA0G
CSqGSIb3DQEBCwUAA4IBAQB6NGfMbXMAM0OL/gTQDbCoN7C+2vqSSoq1USHe4GYR
ByMJVyJ6EXF2LTkmbw8REVYa8PF/yysXITzdmj1cqXSSIUg9aCwFe+pJy+y6STIE
C3NTuCjhG0RbaNOf5oZ/NFGJMnWSUeMYlf1UM445dyi87JGK6PXedZVKZ6CDF8SU
NdTON4MGIZA9P1aO/FdbzR0cm9LZx9kGjxQ5tQCHs/ii/vw+ZafudFkhMCZ8hEZP
BxtNba4mAm8YmBKOWPqB4XVEewtfPfHVJAJvonAVCSP7yUA/OppOULgQf/FuBesQ
cFI33iUtI7xJ8I0oWHK8WeitSS5oHu/eyqiKPQIkI2ND
-----END CERTIFICATE-----
Generated at Tue Sep 10 12:17:18 2024 by rpki-client on console-fra.rpki-client.org